Network intrusion detection with semantics-aware capability

14 years 5 months ago

Download www.cse.lehigh.edu

Malicious network traffic, including widespread worm activity, is a growing threat to Internet-connected networks and hosts. In this paper, we propose a network intrusion detection system (NIDS) with semantics-aware capability. Our NIDS segregates suspicious traffic from the regular traffic flow, extracts binary code from the suspicious traffic, and performs semantic analysis on it to identify potential threats. Our contributions in this work are threefold: (a) we believe our prototype is the first NIDS that provides semanticsaware capability, (b) our implementation is more efficient than what is reported in [5], (c) our designed templates can capture polymorphic shellcodes with added sequences of stack and mathematic operations.

Walter J. Scheirer, Mooi Choo Chuah

Real-time Traffic

Distributed And Parallel Computing | IPPS 2006 | Malicious Network Traffic | Regular Traffic Flow | Suspicious Traffic |

claim paper

Post Info
More Details (n/a)

Added	12 Jun 2010
Updated	12 Jun 2010
Type	Conference
Year	2006
Where	IPPS
Authors	Walter J. Scheirer, Mooi Choo Chuah

Comments (0)

Sciweavers

Network intrusion detection with semantics-aware capability

Distributed And Parallel Computing | IPPS 2006 | Malicious Network Traffic | Regular Traffic Flow | Suspicious Traffic |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers